JP6576699B2 - Encryption system, update method, and update program - Google Patents

Encryption system, update method, and update program Download PDF

Info

Publication number
JP6576699B2
JP6576699B2 JP2015119406A JP2015119406A JP6576699B2 JP 6576699 B2 JP6576699 B2 JP 6576699B2 JP 2015119406 A JP2015119406 A JP 2015119406A JP 2015119406 A JP2015119406 A JP 2015119406A JP 6576699 B2 JP6576699 B2 JP 6576699B2
Authority
JP
Japan
Prior art keywords
key
data
current
encrypted
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2015119406A
Other languages
Japanese (ja)
Other versions
JP2017005587A (en
Inventor
敏伸 山口
敏伸 山口
Original Assignee
コニカミノルタ株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by コニカミノルタ株式会社 filed Critical コニカミノルタ株式会社
Priority to JP2015119406A priority Critical patent/JP6576699B2/en
Publication of JP2017005587A publication Critical patent/JP2017005587A/en
Application granted granted Critical
Publication of JP6576699B2 publication Critical patent/JP6576699B2/en
Application status is Active legal-status Critical
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12Details relating to cryptographic hardware or logic circuitry

Description

  The present disclosure relates to an encryption system that manages encrypted data, a key update method used when encrypting data, and a key update program.

  In recent years, cloud services have become widespread. By using a cloud service, for example, a service provided to an employee by an in-house system is provided at a low cost by a server on the cloud. In the in-house system, since the in-house operator manages the database, there is little risk of information leaking outside. In the cloud service, since the database in the server can be viewed by a third party operator, there is a risk that information is leaked to the outside. Therefore, it is desirable that the confidential data is managed after being encrypted in the cloud server.

  Regarding such an encryption technique, Japanese Patent Application Laid-Open No. 2014-17763 (Patent Document 1) states that “the management of a database in which encrypted data is stored while reducing the load on the device on the user side who desires to update the encryption. "Technology for performing cipher update without giving plaintext or decryption information to a person".

JP 2014-17763 A

  Generally, an encryption key (hereinafter also referred to as “key”) is used for data encryption. It is preferable for security that the key is periodically updated. When updating the key, the database needs to be re-encrypted to match the updated key.

  The re-encryption process is executed by a client connected to the cloud server via a network, for example. More specifically, the client acquires data from the cloud server, decrypts the data with the pre-update key, re-encrypts the data with the post-update key, and stores the data in the cloud server. If millions of pieces of data are managed on a database, re-encryption processing takes time, which may hinder service provision.

  The technology disclosed in Patent Document 1 encrypts encrypted data with a new encryption key every time a new encryption key is generated. As described above, in this technique, since the data is encrypted with the encryption key several times, it takes time to decrypt the data. Further, the data size increases every time the encryption key is updated.

  The present disclosure has been made to solve the above-described problems, and an object in one aspect is to reduce the efficiency of encryption processing and decryption processing due to the update of the encryption key. It is to provide an encryption system that can be prevented. The objective in the other situation is to provide the key update method which can prevent that the efficiency of an encryption process and a decoding process falls due to the update of an encryption key. Still another object of the present invention is to provide a key update program that can prevent the efficiency of the encryption process and the decryption process from being reduced due to the update of the encryption key.

According to an aspect, a data encryption system encrypts data by a first encryption method using a first key, generates a first encrypted data, and a second key. A second encryption unit configured to encrypt the first encrypted data using the second encryption method used to generate second encrypted data ; The second encryption method is an encryption method that performs a shift operation based on a second key that defines a data shift amount, or an XOR operation that is performed based on a second key that defines a data inversion position. This is the encryption method to be performed. The encryption system receives the update instruction for both the current first key and the current second key based on the data storage unit for storing the generated second encrypted data and the current second key. A key update unit for updating one key to a new first key and a current second key to a new second key, and encryption with the current second key when updating the current second key A difference between the data updating unit that converts the encrypted second encrypted data into a state encrypted with the new second key, and the current second key and the new second key And a calculation unit for. The data updating unit uses the difference to encrypt the second encrypted data encrypted with the current second key without decrypting the current second key with the new second key. Convert to the state. The encryption system includes a first decryption unit for decrypting the second encrypted data converted by the data update unit into the first encrypted data with the second key updated by the key update unit, and a key update And a second decryption unit for decrypting the first encrypted data obtained by the decryption by the first decryption unit with the first key before being updated by the unit.

Preferably, the data update unit deletes the difference after the conversion of the second encrypted data.
Preferably, the data size of the second encrypted data before the conversion process is equal to the data size of the second encrypted data after the conversion process.

Preferably, the data storage unit stores the second encrypted data and the update date / time of the second encrypted data in association with each other. The encryption system further includes a history information storage unit that encrypts the past first key and the generation date and time of the first key with the current first key, and stores it as history information, and a current second key. And a second key storage unit for storing the second key information after encrypting with the current first key .

  Preferably, the key update unit decrypts the history information with the current first key based on accepting the update instruction of the current first key, and sets the current first key as the past first key. One key and the generation date and time of the first key are added to the history information, and the history information is encrypted with the new first key.

  Preferably, the key update unit decrypts the second key information with the current first key on the basis of receiving the current second key update instruction, and is included in the second key information after the decryption process. The current second key is replaced with a new second key, and the second key information after the replacement process is encrypted with the new first key.

  Preferably, the encryption system further includes a deletion unit for deleting the second encrypted data based on the fact that the update date of the second encrypted data has passed the storage period. The key update unit decrypts the history information with the current first key based on the deletion of the second encrypted data, and stores it from the past first key included in the history information after the decryption process. The first key whose period has expired is deleted, and the history information after the deletion process is encrypted again with the current first key.

Preferably, the second decryption unit decrypts the first encrypted data into data with the latest first key whose generation date and time is earlier than the update date and time of the second encrypted data.

  Preferably, the encryption system includes a client and a server connected to each other via a network. The client includes a first key storage unit for storing the current first key. The server includes a second key storage unit, a history information storage unit, and a data storage unit.

  Preferably, the encryption system includes a client and a server connected to each other via a network. The client includes a first key storage unit for storing the current first key, a second key storage unit, and a history information storage unit. The server includes a data storage unit.

  Preferably, the encryption process from the data to the second encrypted data and the decryption process from the second encrypted data to the data are executed by at least one of the client and the server.

According to another aspect, a key update method used when encrypting data executed by a computer in a data encryption system, wherein the computer encrypts data using a first encryption method using a first key. And generating a first encrypted data, and a computer encrypting the first encrypted data by a second encryption method using a second key and generating a second encrypted data . The second encryption method is an encryption method that performs a shift operation based on a second key that defines a data shift amount, or an XOR operation that is performed based on a second key that defines a data inversion position. This is the encryption method to be performed. In the update method, the computer stores the generated second encrypted data in the storage device of the encryption system , and the computer receives an instruction to update both the current first key and the current second key. And updating the current first key to a new first key and updating the current second key to a new second key, and when the computer updates the current second key, Converting the second encrypted data encrypted with the current second key into a state encrypted with the new second key, and the computer having the current second key and the new second key And a step of calculating a difference between them. In the converting step, the computer performs a bit operation using the difference, so that the second encrypted data encrypted with the current second key is not decrypted with the current second key, A process of converting to a state encrypted with the new second key is executed. The update method includes a step of decrypting the second encrypted data after the conversion at the step of converting into the first encrypted data with the second key after the update at the step of updating, and before the update at the step of updating And decrypting the first encrypted data obtained in the decrypting step with the first key .

According to yet another aspect, a key update program that can be executed by a computer in a data encryption system and is used when data is encrypted, wherein the computer uses the first encryption method that uses the first key to store data. Are encrypted and the first encrypted data is generated, and the first encrypted data is encrypted by the second encryption method using the second key to generate the second encrypted data . The second encryption method is an encryption method that performs a shift operation based on a second key that defines a data shift amount, or an XOR operation that is performed based on a second key that defines a data inversion position. This is the encryption method to be performed. The computer further stores the generated second encrypted data in a storage device of the computer, and receives a current first key and an update instruction for the current second key based on the current first key. Updating the key to a new first key, updating the current second key to a new second key, and updating the current second key to a second encrypted with the current second key. 2 A step of converting the encrypted data into a state encrypted with a new second key and a step of calculating a difference between the current second key and the new second key are executed. In the converting step, the bit operation using the difference is executed, so that the second encrypted data encrypted with the current second key is newly decrypted without being decrypted with the current second key. A process of converting to a state encrypted with the second key is executed. The computer further includes the step of decrypting the second encrypted data after the conversion at the step of converting into the first encrypted data with the second key after the update at the step of updating, and the update at the step of updating The first encrypted data obtained in the decrypting step is decrypted with the previous first key .

  In one aspect, it is possible to prevent the efficiency of the encryption process and the decryption process from being reduced due to the update of the encryption key.

  The above and other objects, features, aspects and advantages of the present invention will become apparent from the following detailed description of the present invention taken in conjunction with the accompanying drawings.

It is a conceptual diagram which shows roughly the update process of the encryption key by the encryption system according to related technology. It is a conceptual diagram which shows roughly the content of the data which the encryption system according to 1st Embodiment utilizes. It is a figure which shows an example of the function structure at the time of the key update of the encryption system according to 1st Embodiment. It is a flowchart showing the key update process of the encryption system according to 1st Embodiment. It is a figure which shows an example of a function structure at the time of the encryption of the encryption system according to 1st Embodiment. It is a flowchart showing the encryption process of the encryption system according to 1st Embodiment. It is a figure which shows an example of a function structure at the time of the decoding of the encryption system according to 1st Embodiment. It is a figure which shows the other example of a function structure at the time of the decoding of the encryption system according to 1st Embodiment. It is a flowchart showing the decoding process of the encryption system according to 1st Embodiment. It is a block diagram which shows the main hardware constitutions of the encryption system according to 1st Embodiment. It is a figure which shows an example of a function structure at the time of the key deletion of the encryption system according to 2nd Embodiment. It is a flowchart showing the deletion process of the encryption system according to 2nd Embodiment.

  Embodiments according to the present invention will be described below with reference to the drawings. In the following description, the same parts and components are denoted by the same reference numerals. Their names and functions are also the same. Therefore, detailed description thereof will not be repeated. Each embodiment and each modified example described below may be selectively combined as appropriate.

<Related technologies>
First, in order to deepen the understanding of the following embodiments, an encryption system 300X according to the related art will be described with reference to FIG. FIG. 1 is a conceptual diagram schematically showing encryption key update processing by the encryption system 300X. As shown in FIG. 1, the encryption system 300X includes a client 100X and a server 200X that are connected to each other on a network.

  When the client 100X receives the data to be encrypted, the client 100X encrypts the data in two stages. Hereinafter, the encryption key used in the first-stage encryption process is also referred to as “main key”. The encryption key used in the second-stage encryption process is also referred to as a “sub key”. The client 100X encrypts the data to be encrypted with the main key A0, and further encrypts the data obtained by the encryption with the sub key B0. The client 100X transmits the data DX encrypted with the main key A0 and the sub key B0 to the server 200X. Server 200X stores data DX received from client 100X.

  When receiving an update instruction for the main key A0 and the subkey B0, the client 100X generates a new main key A1 that replaces the current main key A0 and also generates a new subkey B1 that replaces the current subkey B0. The client 100X transmits the new main key A1 and subkey B1 to the server 200X, and transmits the subkey B0 before update encrypted with the main key A1 to the server 200X. Based on the reception of the main key A1 and the subkey B1, the update unit 20X of the server 200X converts the data DX encrypted with the subkey B0 and the subkey B0 encrypted with the main key A1 with the subkey B1. Encrypt further. Thus, since the server 200 updates the key without decrypting the data DX, there is little risk that the contents of the data DX will be leaked to the administrator of the server 200X.

  The encryption system 300X encrypts the data DX with a new subkey every time the key is updated, and sequentially stores the subkeys before the update. Therefore, the data size on the server 200X increases every time the key is updated. In addition, when data DX is decrypted, it is necessary to sequentially decrypt data DX that has been encrypted with the sub-key in order, so that the time required for the decryption process increases as the number of key updates increases.

  The encryption system 300 according to the embodiment described below can solve these problems. That is, the encryption system 300 prevents the data size on the server from increasing each time the key is updated, and prevents the efficiency of the decryption process from being reduced due to the update process.

<First Embodiment>
[data structure]
With reference to FIG. 2, the content of data used by encryption system 300 according to the first embodiment will be described. FIG. 2 is a conceptual diagram schematically showing the contents of data used by the encryption system 300.

  As shown in FIG. 2, the encryption system 300 includes a client 100 and a server 200 connected to each other on a network.

  The client 100 includes main key information 111. The main key information 111 is stored in the storage device 110 (see FIG. 10) of the client 100, for example. The main key information 111 includes information on the current main key. In the example of FIG. 2, the main key information 111 includes the main key A0 and the generation date and time of the main key A0.

  Server 200 includes main key history information 211, subkey information 212, and database 213. The main key history information 211, the sub key information 212, and the database 213 are stored in the storage device 210 (see FIG. 10) of the server 200.

  The main key history information 211 includes information on past main keys. As an example, the main key history information 211 includes past main keys Aa to Az and generation dates and times of the main keys Aa to Az. The main key history information 211 is encrypted with the current main key A0.

  The sub key information 212 includes information regarding the current sub key. The sub key information 212 is encrypted with the current main key A0. As an example, the subkey information 212 includes a subkey B0.

  The database 213 includes data to be managed and information related to the data. Data to be managed is encrypted with the main key and further encrypted with the sub key. As an example, in the database 213, the encrypted data and the update date and time of the data are associated with each other.

  The storage locations of the main key information 111, the main key history information 211, the sub key information 212, and the database 213 are not limited to the example in FIG. That is, these storage locations are arbitrary. For example, the main key information 111, the main key history information 211, and the sub key information 212 may be stored in the client 100, and the database 213 may be stored in the server 200.

[Processing of Encryption System 300]
Examples of processing executed by the encryption system 300 include key update processing, encryption processing, and decryption processing. The encryption system 300 updates a key used for encryption and decryption by executing a key update process. The encryption system 300 executes encryption processing to encrypt plaintext data and generate encrypted data. The encryption system 300 executes decryption processing to decrypt the encrypted data and generate plaintext data.

  Hereinafter, the key update process, encryption process, and decryption process of the encryption system 300 will be described in order.

(Key update process)
With reference to FIG. 3 and FIG. 4, the key update process of the encryption system 300 is demonstrated. FIG. 3 is a diagram illustrating an example of a functional configuration of the encryption system 300 at the time of key update. FIG. 4 is a flowchart showing the key update process of the encryption system 300. The processing in FIG. 4 is realized by the CPU (Central Processing Unit) 102 (see FIG. 10) of the client 100 and the CPU 202 (see FIG. 10) of the server 200 executing the key update program. In other aspects, some or all of the processing may be performed by circuit elements or other hardware.

  As illustrated in FIG. 3, the client 100 includes a key generation unit 150, a key update unit 152, and a calculation unit 154 as a functional configuration for realizing key update processing. Server 200 includes a data updating unit 250.

  In step S50, the key generation unit 150 receives the main key A1 that replaces the current main key A0 and the subkey B1 that replaces the current subkey B0 based on the reception of the instruction to update the main key A0 and the subkey B0. Create a new one. As an example, the key update instruction is issued every preset period (for example, one day). Alternatively, the key update instruction is issued based on a key update operation on the client 100. The key generation unit 150 outputs the newly generated main key A1 to the key update unit 152 and outputs the newly generated subkey B1 to the calculation unit 154.

  In step S <b> 52, the key update unit 152 acquires the main key history information 211 from the server 200. Since the main key history information 211 is encrypted with the main key A0 before update, the key update unit 152 decrypts the main key history information 211 with the main key A0. The key updating unit 152 adds the new main key A1 and the generation date and time of the main key A1 to the decrypted main key history information 211. Thereafter, the key update unit 152 encrypts the main key history information 211 with the new main key A1 and transmits the main key history information 211 to the server 200. The server 200 stores the received main key history information 211.

  In step S <b> 54, the key update unit 152 updates the main key information 111 stored in the client 100. More specifically, the key updating unit 152 replaces the main key A0 included in the main key information 111 with a new main key A1, and sets the generation date and time of the main key A0 included in the main key information 111 to the main key A1. Replace with the creation date of.

  In step S56, the calculation unit 154 calculates the difference C between the current subkey B0 and the new subkey B1. The calculation unit 154 outputs the calculated difference C to the data update unit 250.

  In step S <b> 58, the key update unit 152 acquires the sub key information 212 from the server 200. Since the subkey information 212 is encrypted with the main key A0 before update, the key update unit 152 decrypts the subkey information 212 with the main key A0. The key update unit 152 replaces the sub key B0 included in the sub key information 212 with the new sub key B1. After that, the key update unit 152 encrypts the sub key information 212 with the new main key A1, and transmits the sub key information 212 to the server 200. The server 200 stores the received subkey information 212.

  In step S60, when updating the subkey B0, the data updating unit 250 converts the database 213 encrypted with the subkey B0 before the update into a state encrypted with the new subkey B1 after the update. More specifically, the data update unit 250 uses the difference C to convert the database 213 into a state encrypted with the subkey B1 without decrypting the database 213 with the subkey B0.

  The update process in step S60 will be described in more detail with a specific example. In one aspect, the encryption with the subkey is realized by bit-shifting the data. In this case, a data shift amount is defined in the subkey. As an example, it is assumed that “3-bit right shift” is defined as the shift amount in the subkey B0. It is assumed that “9-bit right shift” is defined as the shift amount in the sub key B1. In this case, the calculation unit 154 calculates “6-bit right shift” obtained by subtracting the subkey B0 from the subkey B1 as the difference C.

  Based on the difference C, the data update unit 250 shifts the database 213 encrypted with the subkey B0 to the right by 6 bits, thereby making the database 213 encrypted with the subkey B1. In this way, the data update unit 250 converts the database 213 into a state in which the database 213 is encrypted with the updated subkey B1 without being decrypted with the subkey B0 before the update. Thereby, the data update part 250 can speed up the conversion process of the database 213 at the time of key update. As a result, the load on the encryption system 300 during the key update is reduced.

  In another aspect, the encryption by the subkey is realized by bit inversion. In this case, a bit position that is inverted in 1-byte (that is, 8 bits) data is defined in the subkey. As an example, it is assumed that “first bit, third bit” is defined as the inversion position in the subkey B0. It is assumed that “first bit, fourth bit” is defined as the inversion position in the subkey B1. In this case, the calculation unit 154 calculates “the third bit, the fourth bit” obtained by subtracting the sub key B0 from the sub key B1 as the difference C.

  Based on the difference C, the data update unit 250 inverts the third and fourth bits for each byte of data in the database 213. In this way, the data updating unit 250 can convert the database 213 into a state where the database 213 is encrypted with the updated subkey B1 without being decrypted with the updated subkey B0.

  Since the server 200 converts the database 213 without using the new subkey B1, the subkey B1 does not leak to the administrator of the server 200. Furthermore, if the subkey is frequently updated, even if the administrator of the server 200 obtains a past subkey, the administrator cannot decrypt the database 213. Therefore, the risk of leaking the contents of the database 213 to the administrator is low.

  Preferably, the data size of the database 213 before the conversion process is equal to the data size of the database 213 after the conversion process. As a result, the data update unit 250 prevents the data size on the server 200 from increasing each time the key is updated.

  More preferably, the data update unit 250 deletes the difference C after the database 213 is converted. Thereby, the data update unit 250 can prevent the difference C from being accumulated every time the key is updated, and can prevent the data size from increasing on the server 200 due to the key update process.

(Encryption processing of the encryption system 300)
The encryption processing of the encryption system 300 will be described with reference to FIGS. 5 and 6. FIG. 5 is a diagram illustrating an example of a functional configuration of the encryption system 300 at the time of encryption. FIG. 6 is a flowchart showing the encryption process of the encryption system 300. The processing in FIG. 6 is realized by the CPU 102 (see FIG. 10) of the client 100 and the CPU 202 (see FIG. 10) of the server 200 executing the encryption program. In other aspects, some or all of the processing may be performed by circuit elements or other hardware.

  As shown in FIG. 5, the client 100 includes a data encryption unit 130, a data encryption unit 134, and a key decryption unit 142 as functional configurations for realizing the encryption process. The server 200 includes a data update unit 250 as a functional configuration for realizing the encryption process.

  In step S10, the data encryption unit 130 acquires data to be encrypted. The data to be encrypted is, for example, data designated by the administrator of the client 100. Alternatively, the encryption target data is data of a folder set in advance in the client 100.

  In step S12, the data encryption unit 130 acquires the current main key A0 from the main key information 111. The data encryption unit 130 encrypts data to be encrypted by the first encryption method using the main key A0, and generates data D0. Preferably, an encryption algorithm having an encryption strength higher than that of a second encryption method to be described later is employed as the first encryption method. Examples of the first encryption method include AES (Advanced Encryption Standard) -256 bits and RSA (Rivest Shamir Adleman). The data encryption unit 130 outputs the encrypted data D0 to the data encryption unit 134.

  In step S <b> 14, the key decryption unit 142 receives the sub key information 212 from the server 200. Since the sub key information 212 is encrypted with the current main key A0, the key decryption unit 142 decrypts the sub key information 212 with the main key A0. The key decryption unit 142 acquires the subkey B0 from the decrypted subkey information 212, and outputs the subkey B0 to the data encryption unit 134.

  In step S16, the data encryption unit 134 encrypts the data D0 by the second encryption method using the subkey B0, and generates data D1. The data encryption unit 134 transmits the update date and time and the data D1 to the server 200 using the time when the data D1 is generated as the update date and time.

  As an example, an encryption method that is faster than the first encryption method is adopted as the second encryption method. Preferably, a method in which the data size is the same before and after encryption is adopted as the second encryption method regardless of the type of subkey. More preferably, a method that allows a difference between different subkeys is adopted as the second encryption method.

  As an example, for the second encryption method, an XOR operation, a shift operation, a data conversion algorithm based on a small-size conversion table, or the like is employed. In the XOR operation, the data encryption unit 134 generates a random number using the sub key as a seed, and determines a bit position to be inverted within 1 byte based on the random number. The data encryption unit 134 performs bit inversion for each byte of data D0. In the shift operation, the data encryption unit 134 generates a random number using the sub key as a seed, and determines the shift amount based on the random number. The data encryption unit 134 bit-shifts the data D0 by the determined shift amount.

  In step S18, the data update unit 250 stores the data D1 received from the client 100 and the update date and time in the database 213 as one record.

  Although the example in which the client 100 executes the encryption process has been described above, there is no problem with the security of the communication path between the client 100 and the server 200, and the data being encrypted is kept secret from the administrator of the server 200. If possible, the server 200 may execute the encryption process. That is, the encryption process can be executed by at least one of the client 100 and the server 200.

(Decryption processing of the encryption system 300)
The decryption process of the encryption system 300 will be described with reference to FIGS. FIG. 7 is a diagram illustrating an example of a functional configuration of the encryption system 300 at the time of decryption. FIG. 8 is a diagram illustrating another example of the functional configuration of the encryption system 300 at the time of decryption. FIG. 9 is a flowchart showing the decryption process of the encryption system 300. The processing in FIG. 9 is realized by the CPU 102 (see FIG. 10) of the client 100 and the CPU 202 (see FIG. 10) of the server 200 executing the decryption program. In other aspects, some or all of the processing may be performed by circuit elements or other hardware.

  As shown in FIGS. 7 and 8, the client 100 includes a data decryption unit 140, a key decryption unit 142, a key decryption unit 144, and a data decryption unit 146 for realizing the decryption process. including.

  In step S <b> 30, the data decryption unit 140 acquires the data D <b> 1 to be decrypted and the update date / time of the data D <b> 1 from the database 213 of the server 200. The data D1 to be decrypted is specified by the administrator of the client 100, for example.

  In step S <b> 32, the key decryption unit 142 acquires the sub key information 212 from the server 200. Since the sub key information 212 is encrypted with the current main key A 0, the key decryption unit 142 decrypts the sub key information 212 with the main key A 0 included in the main key information 111. The key decryption unit 142 acquires the sub key B0 from the decrypted sub key information 212. The key decryption unit 142 outputs the sub key B0 to the data decryption unit 140.

  In step S34, the data decryption unit 140 decrypts the data D1 encrypted with the subkey B0 with the subkey B0, and generates data D0. The data decoding unit 140 outputs the data D0 to the data decoding unit 146.

  In step S36, the client 100 determines whether or not the update date and time of the data D1 is newer than the current generation date and time of the main key A0. If the client 100 determines that the update date / time of the data D1 is newer than the current generation date / time of the main key A0 (YES in step S36), the client 100 switches the control to step S38. If not (NO in step S36), the client 100 switches the control to step S40.

  In step S38, the data decryption unit 146 acquires the main key A0 from the main key information 111, and decrypts the data D0 with the main key A0. As a result, the data decryption unit 146 can acquire plaintext data.

  In step S <b> 40, the key decryption unit 144 acquires the main key history information 211 from the server 200. Since the main key history information 211 is encrypted with the current main key A0, the key decryption unit 144 decrypts the main key history information 211 with the main key A0. As a result, the past main key and the generation date and time of the main key are obtained. The acquired information may be held in the client 100 as a cache. This speeds up the next decoding process. The key decryption unit 144 selects a main key whose generation date / time is older than the update date / time of the encrypted data from the main keys included in the main key history information 211, and the newest main key Aa among the selected main keys. To get. The key decryption unit 144 outputs the main key Aa to the data decryption unit 146.

  In step S42, the data decryption unit 146 decrypts the data D0 with the main key Aa. As described above, the data decryption unit 146 decrypts the data D1 into plaintext data using the main key Aa generated before the update date and time of the data D1.

  7 and 8, the example in which the client 100 executes the decryption process has been described. However, there is no problem in the security of the communication path between the client 100 and the server 200, and the data being decrypted is stored in the server 200. If it can be kept secret from the administrator, the server 200 may execute the decryption process. That is, the decryption process can be executed by at least one of the client 100 and the server 200.

[Hardware Configuration of Encryption System 300]
An example of the hardware configuration of the encryption system 300 will be described with reference to FIG. FIG. 10 is a block diagram showing the main hardware configuration of the encryption system 300. As shown in FIG. 10, the encryption system 300 includes a client 100 and a server 200. The client 100 and the server 200 are connected to each other via a network. Hereinafter, the hardware configuration of the client 100 and the hardware configuration of the server 200 will be described in order.

(Hardware configuration of client 100)
As shown in FIG. 10, the client 100 includes a ROM (Read Only Memory) 101, a CPU 102, a RAM (Random Access Memory) 103, a network I / F (interface) 104, a monitor 105, and a storage device 110. Including.

  The ROM 101 stores an operating system of the client 100, a control program executed by the client 100, and the like. The CPU 102 controls the operation of the client 100 by executing various programs such as an operating system and a control program for the client 100. The RAM 103 functions as a working memory and temporarily stores various data necessary for program execution.

  A communication device such as an antenna or a NIC (Network Interface Card) is connected to the network I / F 104. The client 100 transmits / receives data to / from other communication terminals via the communication device. Other communication terminals include, for example, the server 200 and other terminals. Client 100 may be configured to download program 115 for realizing various processes according to the present embodiment via network I / F 104.

  The monitor 105 displays various screens displayed by executing the program 115. The monitor 105 may be realized as a touch panel in combination with a touch sensor (not shown). The touch panel accepts an operation for selecting data to be encrypted or data to be decrypted, or accepts an operation for updating a key.

  The storage device 110 is a storage medium such as a hard disk or an external storage device. As an example, storage device 110 includes main key information 111 and program 115 according to the present embodiment. The main key information 111 is stored in, for example, a main key storage unit that is a predetermined storage area of the storage device 110. The program 115 is an encryption program for realizing data encryption, a decryption program for realizing decryption of encrypted data, and an update for realizing update processing of keys used for encryption processing. Includes programs.

  The program 115 may be provided by being incorporated in a part of an arbitrary program, not as a single program. In this case, processing according to the present embodiment is realized in cooperation with an arbitrary program. Even such a program that does not include some modules does not depart from the spirit of the encryption system 300 according to the present embodiment. Furthermore, some or all of the functions provided by the program 115 may be realized by dedicated hardware. Furthermore, the client 100 may be configured in the form of a so-called cloud service in which at least one server realizes processing according to the present embodiment. Furthermore, part or all of the functions provided by the program 115 may be realized by the cooperation of the client 100 and the server 200.

(Hardware configuration of server 200)
Next, the hardware configuration of the server 200 will be described. As illustrated in FIG. 10, the server 200 includes a ROM 201, a CPU 202, a RAM 203, a network I / F 204, a monitor 205, and a storage device 210.

  The ROM 201 stores an operating system of the server 200, a control program executed by the server 200, and the like. The CPU 202 controls the operation of the server 200 by executing various programs such as an operating system and a control program for the server 200. The RAM 203 functions as a working memory and temporarily stores various data necessary for program execution.

  A communication device such as an antenna or a NIC is connected to the network I / F 204. The server 200 transmits / receives data to / from other communication terminals via the communication device. Other communication terminals include, for example, the client 100 and other terminals. Server 200 may be configured to download program 215 for realizing various processes according to the present embodiment via network I / F 204.

  The monitor 205 displays various screens that are displayed by executing the program 215. The monitor 205 may be implemented as a touch panel in combination with a touch sensor (not shown).

  The storage device 210 is a storage medium such as a hard disk or an external storage device. As an example, storage device 210 includes main key history information 211, sub key information 212, database 213, and program 215 according to the present embodiment. The main key history information 211 is stored, for example, in a history information storage section that is a predetermined storage area of the storage device 210. The sub key information 212 is stored in, for example, a sub key storage unit that is a predetermined storage area of the storage device 210. The database 213 is stored in, for example, a data storage unit that is a predetermined storage area of the storage device 210. The program 215 is an encryption program for realizing data encryption, a decryption program for realizing decryption of encrypted data, and a key update process for realizing encryption processing. Includes update programs.

  The program 215 may be provided by being incorporated in a part of an arbitrary program, not as a single program. In this case, processing according to the present embodiment is realized in cooperation with an arbitrary program. Even such a program that does not include some modules does not depart from the spirit of the encryption system 300 according to the present embodiment. Furthermore, some or all of the functions provided by the program 215 may be realized by dedicated hardware. Furthermore, the server 200 may be configured in the form of a so-called cloud service in which at least one server realizes processing according to the present embodiment. Furthermore, some or all of the functions provided by the program 215 may be realized by the cooperation of the client 100 and the server 200.

[Brief Summary]
As described above, encryption system 300 according to the present embodiment encrypts encrypted data that has been encrypted with the subkey before the update with the new subkey after the update when the key is updated. Convert to state. That is, the encryption system 300 does not need to decrypt the encrypted data with the subkey before the update when the key is updated. This improves the efficiency of the key update process. Further, since it is not necessary to use the pre-update subkey when decrypting the encrypted data, the efficiency of the decryption process is also improved.

  Furthermore, the data size does not change before and after conversion of encrypted data at the time of key update. For this reason, it is possible to prevent the efficiency of the encryption process from being reduced due to the increase in the data size every time the key is updated.

<Second Embodiment>
[Overview]
The encryption system 300 according to the second embodiment deletes the data whose storage period has expired from the data included in the database 213, and the storage period has expired from the main keys included in the main key history information 211. Delete the main key. Thereby, the data amount in the encryption system 300 is suppressed. Further, since the data amount is suppressed, the time required for the encryption process and the decryption process is shortened.

  Since other points such as the hardware configuration of the encryption system 300 according to the second embodiment are the same as those of the encryption system 300 according to the first embodiment, description thereof will not be repeated.

[Deleting process of encryption system 300]
The deletion process of the encryption system 300 will be described with reference to FIGS. 11 and 12. FIG. 11 is a diagram illustrating an example of a functional configuration of the encryption system 300 at the time of key deletion. FIG. 12 is a flowchart showing the deletion process of the encryption system 300. The processing in FIG. 12 is realized by the CPU 102 (see FIG. 10) of the client 100 and the CPU 202 (see FIG. 10) of the server 200 executing the program. In other aspects, some or all of the processing may be performed by circuit elements or other hardware.

  As shown in FIG. 11, the encryption system 300 includes a client 100 and a server 200. The client 100 includes a key update unit 152 as a functional configuration for realizing the deletion process. The server 200 includes a data deletion unit 252 as a functional configuration for realizing the deletion process.

  In step S70, the data deletion unit 252 acquires the current time and determines the data storage period. The data storage period is, for example, a period from the current time to a predetermined time before (for example, one week before). The predetermined time may be set in advance at the time of design, or may be set by an administrator of the client 100 or the server 200. The data deletion unit 252 transmits the storage period to the key update unit 152.

  In step S <b> 72, the data deletion unit 252 deletes the encrypted data whose storage period has expired from the encrypted data included in the database 213. That is, the data deletion unit 252 refers to the update date and time associated with the data in the database 213 and deletes data whose update date and time is outside the storage period. Thereby, the data deletion unit 252 can prevent the data size of the database 213 from increasing.

  In step S 74, the key update unit 152 acquires the main key history information 211 from the server 200. Since the main key history information 211 is encrypted with the current main key A0, the key update unit 152 decrypts the main key history information 211 with the main key A0. The key update unit 152 deletes the main key whose storage period has passed from the main key history information 211 after the decryption process. That is, the key update unit 152 refers to the generation fine associated with the main key of the main key history information 211, and deletes data whose generation fine is outside the storage period. As a result, the key update unit 152 can prevent the data size of the main key history information 211 from increasing. The key update unit 152 encrypts the main key history information 211 after the deletion process again with the current main key A0. Thereafter, the key update unit 152 transmits the main key history information 211 to the server 200. The server 200 stores the received main key history information 211.

[Brief Summary]
As described above, encryption system 300 according to the present embodiment deletes data whose storage period has passed from database 213 and deletes the main key whose storage period has passed from main key history information 211. Thereby, the data sizes of the database 213 and the main key history information 211 can be kept constant, and the performance of the encryption system 300 can be maintained.

  The embodiment disclosed this time should be considered as illustrative in all points and not restrictive. The scope of the present invention is defined by the terms of the claims, rather than the description above, and is intended to include any modifications within the scope and meaning equivalent to the terms of the claims.

  20X update unit, 100, 100X client, 101, 201 ROM, 102, 202 CPU, 103, 203 RAM, 104, 204 network I / F, 105, 205 monitor, 110, 210 storage device, 111 main key information, 115, 215 program, 130, 134 data encryption unit, 142, 144 key decryption unit, 140, 146 data decryption unit, 150 key generation unit, 152 key update unit, 154 calculation unit, 200, 200X server, 211 main key history Information, 212 subkey information, 213 database, 250 data update unit, 252 data deletion unit, 300,300X encryption system.

Claims (13)

  1. A data encryption system,
    A first encryption unit for encrypting the data with a first encryption method using a first key and generating first encrypted data;
    A second encryption unit for encrypting the first encrypted data by a second encryption method using a second key and generating second encrypted data , wherein the second encryption method includes data An encryption method that performs a shift operation based on the second key that defines the shift amount of the data, or an encryption method that performs an XOR operation based on the second key that defines the data inversion position ,
    A data storage unit for storing the generated second encrypted data;
    The current first key is updated to a new first key on the basis of receiving update instructions for both the current first key and the current second key, and the current second key is updated. A key updating unit for updating the key to a new second key;
    A data updating unit that converts the second encrypted data encrypted with the current second key into a state encrypted with the new second key when the current second key is updated; ,
    A calculation unit for calculating a difference between the current second key and the new second key;
    The data updating unit uses the difference to create a new second data without decrypting the second encrypted data encrypted with the current second key with the current second key. Converted to a state encrypted with the key ,
    A first decryption unit for decrypting the second encrypted data converted by the data update unit into the first encrypted data with the second key updated by the key update unit;
    A second decryption unit for decrypting the first encrypted data obtained by decryption by the first decryption unit with the first key before the update by the key update unit. , Encryption system.
  2.   The encryption system according to claim 1, wherein the data update unit deletes the difference after the conversion of the second encrypted data.
  3.   The encryption system according to claim 1 or 2, wherein a data size of the second encrypted data before the conversion process is equal to a data size of the second encrypted data after the conversion process.
  4. The data storage unit stores the second encrypted data and the update date and time of the second encrypted data in association with each other ,
    The encryption system further includes:
    A history information storage unit that stores the past first key and the generation date and time of the first key as history information after encrypting with the current first key;
    The second key storage unit for encrypting the current second key with the current first key and storing the second key information as the second key information . Encryption system.
  5. The key update unit
    Based on receiving the current update instruction for the first key, the history information is decrypted with the current first key;
    Adding the first key and the date and time of generation of the first key to the history information, using the current first key as a past first key;
    The encryption system according to claim 4, wherein the history information is encrypted with the new first key.
  6. The key update unit
    Based on receiving the current second key update instruction, the second key information is decrypted with the current first key;
    Replacing the current second key included in the second key information after decryption with the new second key;
    The encryption system according to claim 4 or 5, wherein the second key information after replacement processing is encrypted with the new first key.
  7. The encryption system further includes a deletion unit for deleting the second encrypted data based on the update date and time of the second encrypted data having passed the storage period,
    The key update unit
    Based on the deletion of the second encrypted data, the history information is decrypted with the current first key;
    Deleting a first key whose storage period has expired from past first keys included in the history information after decryption processing;
    The encryption system according to any one of claims 4 to 6, wherein the history information after the deletion process is encrypted again with the current first key.
  8. The second decryption unit decrypts the first encrypted data into the data with the latest first key whose generation date and time is earlier than the update date and time of the second encrypted data. The encryption system according to any one of the above.
  9. The encryption system includes a client and a server connected to each other via a network,
    The client
    A first key storage unit for storing the current first key;
    The server
    The second key storage unit;
    The history information storage unit;
    The encryption system according to any one of claims 4 to 8, comprising the data storage unit.
  10. The encryption system includes a client and a server connected to each other via a network,
    The client
    A first key storage unit for storing the current first key;
    The second key storage unit;
    Including the history information storage unit,
    The server
    The encryption system according to claim 4, including the data storage unit.
  11.   The encryption process from the data to the second encrypted data and the decryption process from the second encrypted data to the data are performed by at least one of the client and the server. The described encryption system.
  12. A method of updating a key used when encrypting data executed by a computer in a data encryption system,
    The computer encrypting the data with a first encryption method using a first key to generate first encrypted data;
    The computer encrypting the first encrypted data by a second encryption method using a second key to generate second encrypted data , wherein the second encryption method includes a data shift An encryption method that performs a shift operation based on the second key that defines a quantity, or an encryption method that performs an XOR operation based on the second key that defines a data inversion position ;
    The computer storing the generated second encrypted data in a storage device of the encryption system;
    The computer updates the current first key to the new first key on the basis of accepting an update instruction for both the current first key and the current second key, and Updating the second key to a new second key;
    When the computer updates the second key, the computer converts the second encrypted data encrypted with the current second key into a state encrypted with the new second key. Steps,
    The computer calculating a difference between the current second key and the new second key;
    With
    In the converting step, the computer executes the bit operation using the difference, so that the second encrypted data encrypted with the current second key is converted with the current second key. Performing a process of converting to a state encrypted with the new second key without decryption ;
    Decrypting the second encrypted data after the conversion in the converting step into the first encrypted data with the second key after the updating in the updating step;
    An update method comprising: decrypting the first encrypted data obtained in the decrypting step into the data with the first key before the updating in the updating step .
  13. A key update program that can be executed by a computer in a data encryption system and is used when data is encrypted,
    In the computer,
    Encrypting the data with a first encryption scheme using a first key to generate first encrypted data;
    Encrypting the first encrypted data by a second encryption method using a second key and generating a second encrypted data , wherein the second encryption method defines a data shift amount An encryption method for performing a shift operation based on the second key, or an encryption method for performing an XOR operation based on the second key that defines a data inversion position ,
    In addition to the computer,
    Storing the generated second encrypted data in a storage device of the computer;
    Based on accepting an instruction to update the current first key and the current second key, the current first key is updated to the new first key, and the current second key is updated. Updating to the second key;
    When updating the current second key, converting the second encrypted data encrypted with the current second key into a state encrypted with the new second key;
    Calculating a difference between the current second key and the new second key;
    And execute
    In the converting step, the second encrypted data encrypted with the current second key is decrypted with the current second key by performing a bit operation using the difference. Without performing the process of converting to a state encrypted with the new second key ,
    In addition to the computer,
    Decrypting the second encrypted data after the conversion in the converting step into the first encrypted data with the second key after the updating in the updating step;
    An update program for executing the step of decrypting the first encrypted data obtained in the decrypting step with the first key before the updating in the updating step .
JP2015119406A 2015-06-12 2015-06-12 Encryption system, update method, and update program Active JP6576699B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2015119406A JP6576699B2 (en) 2015-06-12 2015-06-12 Encryption system, update method, and update program

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2015119406A JP6576699B2 (en) 2015-06-12 2015-06-12 Encryption system, update method, and update program
US15/177,514 US10243736B2 (en) 2015-06-12 2016-06-09 Cryptographic system, updating method, and non-transitory storage medium encoded with computer readable program

Publications (2)

Publication Number Publication Date
JP2017005587A JP2017005587A (en) 2017-01-05
JP6576699B2 true JP6576699B2 (en) 2019-09-18

Family

ID=57516176

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2015119406A Active JP6576699B2 (en) 2015-06-12 2015-06-12 Encryption system, update method, and update program

Country Status (2)

Country Link
US (1) US10243736B2 (en)
JP (1) JP6576699B2 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106878009A (en) * 2017-02-21 2017-06-20 蔚来汽车有限公司 Key updating method and system
WO2019093201A1 (en) * 2017-11-07 2019-05-16 日本電信電話株式会社 Communication terminal, server device, and program
GB2574458A (en) * 2018-06-07 2019-12-11 Gbr14 Ltd Methods and Systems For Secure Data Transmission

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH1020779A (en) * 1996-07-08 1998-01-23 Hitachi Inf Syst Ltd Key changing method in open key cipher system
JP2002149608A (en) * 2000-11-09 2002-05-24 Techno Brain:Kk System/method for managing secrecy by deciphering and computer-readable recording medium with program for making computer perform the method recorded thereon
SE522794C2 (en) * 2001-02-23 2004-03-09 Ericsson Telefon Ab L M Device and method for communicating electronic data via a network infrastructure that has a mechanism unicast and multicast mechanism
JP2003152703A (en) * 2001-11-12 2003-05-23 Victor Co Of Japan Ltd Encryption device, encryption method, decryption device, decryption method, encryption decryption device and encryption decryption method
JP3904432B2 (en) * 2001-11-16 2007-04-11 株式会社ルネサステクノロジ Information processing device
JP2005135003A (en) * 2003-10-28 2005-05-26 Canon Inc Document management system
US8045714B2 (en) * 2005-02-07 2011-10-25 Microsoft Corporation Systems and methods for managing multiple keys for file encryption and decryption
WO2007016787A2 (en) * 2005-08-09 2007-02-15 Nexsan Technologies Canada Inc. Data archiving system
JP4629602B2 (en) * 2006-03-24 2011-02-09 日本電信電話株式会社 Public key encryption communication system, public key encryption communication method, client terminal, and client program
US7978849B2 (en) * 2007-11-19 2011-07-12 Kabushiki Kaisha Toshiba Image forming apparatus, and control method thereof
JP2014017763A (en) 2012-07-11 2014-01-30 Nec Corp Encryption update system, encryption update request device, encryption update device, decryption device, encryption update method, and computer program
JP6033741B2 (en) * 2013-06-14 2016-11-30 株式会社日立製作所 Encryption key update system and method
JP6330528B2 (en) * 2014-07-04 2018-05-30 富士通株式会社 Data division control program, data division control method, and data division control device

Also Published As

Publication number Publication date
US20160365976A1 (en) 2016-12-15
JP2017005587A (en) 2017-01-05
US10243736B2 (en) 2019-03-26

Similar Documents

Publication Publication Date Title
EP1063811B1 (en) Cryptographic apparatus and method
US5200999A (en) Public key cryptosystem key management based on control vectors
US9275250B2 (en) Searchable encryption processing system
JP2005505069A (en) Memory encryption
EP2695052B1 (en) Random number generating system based on memory start-up noise
US20030138105A1 (en) Storing keys in a cryptology device
US20110173460A1 (en) Information processing device, method, program, and integrated circuit
CN103392178B (en) Database Encrypt System, method and program
US8155310B2 (en) Key derivation functions to enhance security
Tong et al. Cloud-assisted mobile-access of health data with privacy and auditability
US7454021B2 (en) Off-loading data re-encryption in encrypted data management systems
US9813389B2 (en) System and method for wireless data protection
CN104040937A (en) Multi-key cryptography for encrypting file system acceleration
JP3620138B2 (en) Key sharing system
US8634549B2 (en) Ciphertext key chaining
JP5296365B2 (en) System, method, and computer program for encryption key management and automatic generation
US20150026461A1 (en) System and Method to Create Resilient Site Master-key for Automated Access
JP2004126639A (en) Data management system, method and program
US9710623B2 (en) Cryptographic system
JP5024999B2 (en) Cryptographic management device, cryptographic management method, cryptographic management program
JP2000295209A (en) Method and system for key management and recording medium
KR101744748B1 (en) Contents protection, encryption and decryption apparatus using white-box cryptography
JP4996757B1 (en) Secret sharing system, apparatus and program
US20110216901A1 (en) Keystream encryption device, method, and program
DE60318633T2 (en) Administration of digital rights

Legal Events

Date Code Title Description
A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20160822

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20170517

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20170613

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20170809

A02 Decision of refusal

Free format text: JAPANESE INTERMEDIATE CODE: A02

Effective date: 20180206

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20180423

A911 Transfer of reconsideration by examiner before appeal (zenchi)

Free format text: JAPANESE INTERMEDIATE CODE: A911

Effective date: 20180501

A912 Removal of reconsideration by examiner before appeal (zenchi)

Free format text: JAPANESE INTERMEDIATE CODE: A912

Effective date: 20180713

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20190521

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20190821

R150 Certificate of patent or registration of utility model

Ref document number: 6576699

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150